Https Response Status Code.

60 views
Skip to first unread message

Shamsudin MH

unread,
Feb 28, 2024, 9:36:47 AMFeb 28
to ZAP Developer Group
Hi 

I want to store the status code in my database 


Code.PNG

you can suggest me either in ZAP API UI  or Java Code.


Regards
Shamsudin

psiinon

unread,
Feb 29, 2024, 4:27:12 AMFeb 29
to ZAP Developer Group
Hi Shamsudin,

I'm not really sure what you are asking for :/
Can you explain in a bit more detail?

Cheers,

Simon

Shamsudin MH

unread,
Feb 29, 2024, 7:20:15 AMFeb 29
to zaproxy...@googlegroups.com
Hi Simon
Hope your fine.

 I asked whether there was any way to acquire the HTTP status code.

For example, if I use the API anonymously reachable on active scan, if i  receive a "200" response. So I'd like to store those.. Make it as an High ALERT.

I can see those running on the Zap console, but I'm not sure where they're being stored.  


Regards
Shamsudin

--
You received this message because you are subscribed to the Google Groups "ZAP Developer Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-devel...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/zaproxy-develop/e664c4bc-1035-4678-9647-735b81758c35n%40googlegroups.com.

psiinon

unread,
Mar 4, 2024, 6:28:44 AMMar 4
to ZAP Developer Group
HI Shamsudin,

The message IDs related to the active scan can be accessed via https://www.zaproxy.org/docs/api/#ascanviewmessagesids
You can then read those messages via https://www.zaproxy.org/docs/api/#coreviewmessagesbyid

However I'd have thought that an HttpSender script might be better for you: https://github.com/zaproxy/community-scripts/tree/main/httpsender
You can first check that it is from the ACTIVE_SCANNER_INITIATOR and then check the response code.


Cheers,

Simon

Shamsudin MH

unread,
Mar 5, 2024, 6:24:27 AMMar 5
to zaproxy...@googlegroups.com
Thank ;you   Simon

Reply all
Reply to author
Forward
0 new messages